diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2014-09-23 12:15:43 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2014-09-23 12:15:43 +0200 |
| commit | cd6de9b8e41c584092821d0a0071351b6426ba32 (patch) | |
| tree | a10856077d89c8210c4cde6721aebcaa4c7779d0 | |
| parent | 2e0fbba37b130ffed5289785c34f43dabb62c466 (diff) | |
| download | nextcloud-server-cd6de9b8e41c584092821d0a0071351b6426ba32.tar.gz nextcloud-server-cd6de9b8e41c584092821d0a0071351b6426ba32.zip | |
Do only follow HTTP and HTTPS redirects
Backport of #11032 to stable5
| -rw-r--r-- | apps/files/ajax/newfile.php | 11 | ||||
| -rw-r--r-- | lib/user/http.php | 3 | ||||
| -rwxr-xr-x | lib/util.php | 90 |
3 files changed, 60 insertions, 44 deletions
diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php index a68716f5db3..56b741544f1 100644 --- a/apps/files/ajax/newfile.php +++ b/apps/files/ajax/newfile.php @@ -60,7 +60,16 @@ if($source) { exit(); } - $ctx = stream_context_create(null, array('notification' =>'progress')); + $contextArray = array( + 'http' => array( + 'timeout' => 10, + 'follow_location' => false, // Do not follow the location since we can't limit the protocol + ), + 'ssl' => array( + 'disable_compression' => true + ) + ); + $ctx = stream_context_create($contextArray, array('notification' =>'progress')); $sourceStream=fopen($source, 'rb', false, $ctx); $target=$dir.'/'.$filename; $result=\OC\Files\Filesystem::file_put_contents($target, $sourceStream); diff --git a/lib/user/http.php b/lib/user/http.php index 944ede73a0b..71e3fbd59a4 100644 --- a/lib/user/http.php +++ b/lib/user/http.php @@ -72,7 +72,8 @@ class OC_User_HTTP extends OC_User_Backend { curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERPWD, $user.':'.$password); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - + curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); + curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); curl_exec($ch); $status = curl_getinfo($ch, CURLINFO_HTTP_CODE); diff --git a/lib/util.php b/lib/util.php index 13231b8df21..c486ff6a01b 100755 --- a/lib/util.php +++ b/lib/util.php @@ -798,54 +798,60 @@ class OC_Util { */ public static function getUrlContent($url){ + if(stripos($url, 'https://') === 0 || stripos($url, 'http://') === 0) { + if (function_exists('curl_init')) { + + $curl = curl_init(); + + curl_setopt($curl, CURLOPT_HEADER, 0); + curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10); + curl_setopt($curl, CURLOPT_URL, $url); + curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); + curl_setopt($curl, CURLOPT_MAXREDIRS, 10); + curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); + curl_setopt($curl, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); + + curl_setopt($curl, CURLOPT_USERAGENT, "ownCloud Server Crawler"); + if(OC_Config::getValue('proxy', '')<>'') { + curl_setopt($curl, CURLOPT_PROXY, OC_Config::getValue('proxy')); + } + if(OC_Config::getValue('proxyuserpwd', '')<>'') { + curl_setopt($curl, CURLOPT_PROXYUSERPWD, OC_Config::getValue('proxyuserpwd')); + } + $data = curl_exec($curl); + curl_close($curl); - if (function_exists('curl_init')) { - - $curl = curl_init(); - - curl_setopt($curl, CURLOPT_HEADER, 0); - curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); - curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10); - curl_setopt($curl, CURLOPT_URL, $url); - curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); - curl_setopt($curl, CURLOPT_MAXREDIRS, 10); - - curl_setopt($curl, CURLOPT_USERAGENT, "ownCloud Server Crawler"); - if(OC_Config::getValue('proxy', '')<>'') { - curl_setopt($curl, CURLOPT_PROXY, OC_Config::getValue('proxy')); - } - if(OC_Config::getValue('proxyuserpwd', '')<>'') { - curl_setopt($curl, CURLOPT_PROXYUSERPWD, OC_Config::getValue('proxyuserpwd')); - } - $data = curl_exec($curl); - curl_close($curl); - - } else { - $contextArray = null; - - if(OC_Config::getValue('proxy', '')<>'') { - $contextArray = array( - 'http' => array( - 'timeout' => 10, - 'proxy' => OC_Config::getValue('proxy') - ) - ); } else { - $contextArray = array( - 'http' => array( - 'timeout' => 10 - ) - ); - } + $contextArray = null; + + if(OC_Config::getValue('proxy', '')<>'') { + $contextArray = array( + 'http' => array( + 'follow_location' => false, // Do not follow the location since we can't limit the protocol + 'timeout' => 10, + 'proxy' => OC_Config::getValue('proxy') + ) + ); + } else { + $contextArray = array( + 'http' => array( + 'follow_location' => false, // Do not follow the location since we can't limit the protocol + 'timeout' => 10 + ) + ); + } - $ctx = stream_context_create( - $contextArray - ); - $data=@file_get_contents($url, 0, $ctx); + $ctx = stream_context_create( + $contextArray + ); + $data=@file_get_contents($url, 0, $ctx); + } + return $data; } - return $data; + return false; } /** |